HIPAA Compliance

Ex-Methodist Staff Plead Guilty to Illegal PHI Exposure in HIPAA Violation Case

by Sarai Rodriguez

Six individuals, including five former Methodist Hospital employees, face sentencing for HIPAA violations after pleading guilty to the unauthorized disclosure of personal health information (PHI)...

Pandemic-Era Telehealth Rules Set to Expire in May, Shifting HIPAA Compliance Obligations

by Jill McKeon

The COVID-19 public health emergency (PHE) is set to end on May 11, marking the expiration of many pandemic-era support programs and lighter compliance obligations. As such, the HHS Office for Civil...

Aligning Substance Abuse Confidentiality Regulations With HIPAA to Enhance Compliance

by Jill McKeon

Since 1975, the Confidentiality of Substance Use Disorder (SUD) Patient Records regulations under 42 CFR part 2 (Part 2) have protected the confidentiality of individuals suffering from substance use disorder. These key protections aim to...

HHS Restructures OCR to Better Handle Increased HIPAA Complaint Volume

by Jill McKeon

The HHS Office for Civil Rights (OCR) announced new restructuring efforts, including the formation of three new divisions, in order to better manage its increased volume of HIPAA and HITECH complaints...

HHS Delivers 2 Reports to Congress On Healthcare Data Breaches, HIPAA Compliance

by Jill McKeon

The HHS Office for Civil Rights (OCR) delivered two reports to Congress that shed light on healthcare data breaches and HIPAA compliance efforts logged during the 2021 calendar year. The reports...

Advent Health Partners Agrees to $500K Healthcare Data Breach Settlement

by Sarai Rodriguez

Advent Health Partners has agreed to pay a $500,000 settlement to resolve a class-action lawsuit stemming from a 2021 healthcare data breach that affected more than 60,000 patients. Advent Health...

Banner Health Pays $1.25M to Resolve HIPAA Security Rule Investigation

by Jill McKeon

The HHS Office for Civil Rights (OCR) settled with Banner Health following a HIPAA Security Rule investigation stemming from a 2016 data breach. Banner Health agreed to pay $1.25 million to OCR and...

Breach Reporting Requirements Are Top Concern For Security Teams

by Sarai Rodriguez

Cybersecurity leaders are buckling up for rising costs, a challenging talent shortage, and uncertain data breach reporting requirements going into 2023, according to a Deepwatch Q4 2022 SecOps...

OCR Settles HIPAA Right of Access Case With Georgia Lab

by Jill McKeon

The Office for Civil Rights (OCR) announced a settlement with Georgia-based Life Hope Labs following a potential HIPAA right of access violation. Life Hope Labs, a full-service diagnostic lab in Sandy...

How to Properly Dispose of Electronic PHI Under HIPAA

by Jill McKeon

Improper disposal of protected health information (PHI), whether a paper record or a digital file, can result in HIPAA violations and significant fees. For example, in 2020, the New Jersey Division of Consumer Affairs and the New Jersey...

How to Properly Dispose of Paper Medical Records, Physical PHI Under HIPAA

by Jill McKeon

Improper disposal of protected health information (PHI) can result in HIPAA violations, Office for Civil Rights (OCR) investigations, and hefty fines. For example, in August 2022, OCR settled a case with a Massachusetts-based dermatology...

OCR Resolves HIPAA Right of Access Case With FL Primary Care Practice

by Jill McKeon

The HHS Office for Civil Rights (OCR) reached a HIPAA right of access settlement with Health Specialists of Central Florida. The primary care practice paid OCR $20,000 to resolve the potential HIPAA...

FTC, HHS Update Mobile Health App Data Privacy Compliance Tool

by Jill McKeon

The Federal Trade Commission (FTC) and HHS updated their Mobile Health App Interactive Tool, designed to help mobile health app developers understand which data privacy laws apply to their apps. The...

OCR Outlines Proper Use of Tracking Tech to Maintain HIPAA Compliance

by Jill McKeon

Following reports that patient data was transmitted to Facebook through the use of tracking technology on hospital websites and within password-protected patient portals, the HHS Office for Civil...

Top 3 HIPAA Compliance Challenges of This Year

by Jill McKeon

In the years since HIPAA was first enacted in 1996, technological and societal developments have left covered entities with no shortage of compliance challenges. This year was no exception. “This has been quite the year for those...

5 Former Methodist Hospital Employees Indicted Over HIPAA Violations

by Jill McKeon

Five former employees of Tennessee-based Methodist Hospital have been indicted by a federal grand jury for committing HIPAA violations, the US Attorney’s Office for the Western District of...

Aveanna Healthcare Reaches $425K Settlement After Healthcare Data Breach

by Sarai Rodriguez

Aveanna Healthcare reached a proprosed settlement to resolve a healthcare data breach lawsuit stemming from a 2019 string of phishing attacks that impacted hundreds of thousands of Massachusetts...

OCR Releases Video On Recognized Security Practices Under HITECH

by Jill McKeon

The HHS Office for Civil Rights (OCR) released an educational video presentation on recognized security practices (RSPs) under HITECH. Nick Heesters, senior advisor for cybersecurity at OCR, presented...

Doctor Pleads Guilty to HIPAA Violation, Wrongful Disclosure of PHI

by Jill McKeon

Former physician Frank Alario, 65, admitted to a HIPAA violation in which he conspired to wrongfully disclose patients’ protected health information (PHI) to a pharmaceutical sales...

Recent Articles